Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-08-18

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 Guest94904 how do i get saltenv in state... what i want to do is apply some states only if the saltenv is "central" else not
00:06 ageorgop joined #salt
00:06 dh__ is there a way to output to console in salt?
00:07 Edgan dh__: not quite sure what you mean, but try -l trace
00:07 dh__ I am checking to see if an instance exists before running a create state, {% if salt['cloud.has_instance'](name) == true %}
00:07 dh__ I'd like to have a friendlty message if skipping the creation of the VM "this VM already exists" or such
00:08 Edgan dh__: ah, you want an echo feature
00:08 dh__ because it is bypassed by Jinja completely in the if condition, all states complete successfully
00:08 dh__ and I'd like to just pass a bit of a hint
00:08 dh__ yeah
00:08 stanchan joined #salt
00:13 Edgan dh__: the closest I can find is you can write to the minion log from modules, but doesn't look like there is a print/echo state
00:13 JoshuaX joined #salt
00:14 ablinkin joined #salt
00:15 Edgan dh__: Thought if this is master mode, you are thinking more like orchestration/bash scripts.
00:19 sagerdearia joined #salt
00:23 ablinkin joined #salt
00:23 raspy i have a pillar in /dev/ and a pillar in /prod/ how do I make states call their respective pillars?
00:23 raspy basically, im making this call at the top of the state file {% set postgresql   = pillar.get('postgresql', {}) -%}
00:26 dh__ It is actually being done via orch runner
00:26 dh__ I'd just added an  echo "VM Exists!"; exit 1: cmd.run
00:26 Edgan raspy: you want map.jinja
00:26 Edgan dh__: you could wrap salt for that
00:26 dh__ and that causes a failure with message, good enough for now
00:26 raspy ok thx Edgan
00:27 ablinkin joined #salt
00:27 antpa joined #salt
00:27 dh__ I will look into it Edgan
00:27 dh__ thanks for the help
00:34 Edgan raspy: https://paste.fedoraproject.org/409935/47148047/
00:34 Edgan raspy: advanced example
00:35 pipps joined #salt
00:36 Edgan raspy: The test.check_pillar state is also your friend
00:38 Edgan raspy: Warning, this patch isn't in a release version yet, https://github.com/saltstack/salt/pull/32965
00:38 saltstackbot [#32965][MERGED] Fix 'present' option when used without 'key_type' | What does this PR do?...
00:38 raspy Edgan: awesome thx! ill take a peek
00:43 raspy Edgan: good example thx!
00:50 ablinkin joined #salt
00:54 klaas joined #salt
01:02 catpiggest joined #salt
01:17 malabaris joined #salt
01:17 malabaris si quieres ganar mirando anuncios mira esto: https://www.facebook.com/malabarista72/
01:17 malabaris left #salt
01:19 chrichip joined #salt
01:20 hasues joined #salt
01:20 hasues left #salt
01:30 Nahual joined #salt
01:37 ablinkin joined #salt
01:39 stanchan joined #salt
01:47 Brijesh1 joined #salt
01:47 dh__ joined #salt
01:59 catpigger joined #salt
02:05 onlyanegg joined #salt
02:06 Brijesh1 joined #salt
02:07 ageorgop joined #salt
02:07 bastiandg joined #salt
02:10 justanotheruser joined #salt
02:14 stanchan joined #salt
02:14 chrichip joined #salt
02:16 ablinkin joined #salt
02:19 Misfit joined #salt
02:28 ablinkin joined #salt
02:28 antpa joined #salt
02:29 Brijesh1 joined #salt
02:30 tiwula joined #salt
02:31 ablinkin joined #salt
02:39 evle joined #salt
02:43 ninjada_ joined #salt
02:45 fannet joined #salt
02:47 chrichip joined #salt
02:54 ninjada joined #salt
02:56 stanchan joined #salt
03:14 filippos joined #salt
03:16 jaybocc2 joined #salt
03:17 ablinkin joined #salt
03:24 ablinkin joined #salt
03:29 stanchan joined #salt
03:31 ablinkin joined #salt
03:32 MTecknology I'm trying to use the gpg renderer #!yaml|gpg  I also have jinja in there but that's not running. I tried a random guess at #!yaml|gpg|jinja and the other combinations of that. Is it possible to combine the two? The other option seems to be no jinja in that file and having another pillar file that reads that as a map and picks through them to see if that particular key should be shared... or a
03:32 MTecknology single file per key which be kinda messy
03:33 Brijesh1 joined #salt
03:37 MTecknology oh... I think I found the magic incantation! :)
03:38 ablinkin joined #salt
03:39 llua which is?
03:40 MTecknology I lied
03:46 ablinkin joined #salt
03:46 MTecknology llua: I thought I got it, but I'm just shooting blanks
03:53 MTecknology there has to be a smarter way to do this... :(
03:56 ninjada joined #salt
03:57 MTecknology heh... I /could/ store each in their own file and have jinja import each file w/ context?
04:02 DEger joined #salt
04:07 ALLmightySPIFF joined #salt
04:18 shanemhansen joined #salt
04:23 om joined #salt
04:34 cyborg-one joined #salt
04:40 Eugene joined #salt
04:46 fannet joined #salt
04:53 chrichip joined #salt
04:57 Brijesh1 joined #salt
05:00 sagerdearia joined #salt
05:09 edrocks joined #salt
05:15 mikea joined #salt
05:16 mikea quick question.. Do minions check in periodically? like puppet does agent runs every 30 minutes - does the minion work that way or only on demand?
05:19 iggy mikea: you mean does it run highstates periodically?
05:19 iggy no
05:19 iggy you can use the scheduler
05:20 iggy but you should really be doing things based on events
05:20 iggy i.e. you commit your states to git, a webhook hits salt-api and says to git pull and run a highstate
05:23 mikea I'm working in an environment where we need to enforce compliance but have to share control with our customers
05:23 bocaneri joined #salt
05:23 mikea so I want to run highstate every x minutes to enforce compliance
05:23 mikea but speaking of salt-api
05:23 mikea how does authentication work?
05:24 mikea I want to run a python script to pull grains.items into our CMDB but the python script needs to run from someplace not the salt master
05:25 iggy it's complicated
05:26 mikea yeah, I was going through the docs
05:26 iggy you can do no auth, tie it to pam/ldap/AD/etc
05:26 mikea it looks like I need to setup external auth and tie it into AD with a service account
05:26 mikea because we use RSA via pam
05:27 mikea I don't think no auth is an option
05:27 jaybocc2 joined #salt
05:27 mikea for me anyways
05:35 ablinkin joined #salt
05:40 PerilousApricot joined #salt
05:41 Brijesh1 joined #salt
05:42 fracklen joined #salt
05:43 jaybocc2 joined #salt
05:51 sp0097 joined #salt
05:57 CeBe joined #salt
05:59 onlyanegg joined #salt
06:02 ablinkin joined #salt
06:03 ivanjaros joined #salt
06:03 akhter joined #salt
06:05 jxm_ joined #salt
06:05 kshlm joined #salt
06:07 brent__ joined #salt
06:30 antpa joined #salt
06:34 AirOnSkin joined #salt
06:40 DEger_ joined #salt
06:46 fannet joined #salt
06:47 Brijesh1 joined #salt
06:51 pfc joined #salt
06:58 impi joined #salt
06:58 Miouge joined #salt
07:01 mavhq joined #salt
07:02 ajw0100 joined #salt
07:12 edrocks joined #salt
07:15 scavara joined #salt
07:17 ninjada_ joined #salt
07:23 scavara in a sls which should hanlde (disable) ipv6 on mionions i have several sysctl kernel values (ex: net.ipv6.conf.all.disable_ipv6 sysctl.present:  - value: 1) and I would like to do a sysctl (-p) reload. onchanges requisite seems to me like a good option but having trouble setting it up
07:27 ivanjaros joined #salt
07:29 Misfit joined #salt
07:31 babilen scavara: Are you using https://docs.saltstack.com/en/latest/ref/states/all/salt.states.sysctl.html
07:31 felskrone joined #salt
07:31 babilen ?
07:32 babilen There is also https://github.com/saltstack-formulas/sysctl-formula which I like to use in these cases
07:36 Miouge joined #salt
07:37 scavara babilen: you're right (yes, i'm using the salt.states.sysctl.present) - then i don't need to reload anything
07:38 babilen yeah
07:38 scavara babilen: but this sysctl-formula looks interesting (and more robust than what I have)
07:38 scavara babilen: thank you...
07:39 babilen It does what you want it to do and I haven't had problems with it (after fixing some issues to begin with)
07:40 ninjada joined #salt
07:41 iggy there's also /etc/gai.conf
07:42 iggy easier to use than flipping stuff in /proc
07:43 yuhlw_ joined #salt
07:53 manji joined #salt
07:54 jaybocc2 joined #salt
08:06 Misfit joined #salt
08:09 keimlink joined #salt
08:10 jaybocc2 joined #salt
08:15 Rumbles joined #salt
08:17 GreatSnoopy joined #salt
08:18 jhauser joined #salt
08:19 s_kunk joined #salt
08:20 ablinkin joined #salt
08:22 mikecmpbll joined #salt
08:40 scavara joined #salt
08:41 robawt joined #salt
08:43 euidzero joined #salt
08:43 fannet joined #salt
08:45 krymzon joined #salt
08:46 ajolo joined #salt
08:49 Electron^- joined #salt
08:49 ronnix joined #salt
08:51 Electron^- Hi guys... When I exec a state.sls to multiple servers via wildcards, I receive the output from every server, but i need to scroll up to see every server's result... there is a way to have a summary result at the end of the execution with global file changed/errors ?
08:52 manji yes
08:52 manji --out-file=/tmp/salt1.log
08:52 manji and then do a less -r  /tmp/salt1.log
08:52 manji so less will parse all the term colours
08:52 scavara joined #salt
08:52 scavara iggy: never used gai.conf before :) as far as i can see, it allows you to setup a precedence of one network over other (4 over 6 for example), right?
08:53 manji yes, although, wrong channel :p
08:54 babilen Electron^-: Not really .. I meant to write one, but such "global analysis" handlers don't exist yet
08:55 scavara manji: it was just a comment on previous discussion wrt us of sysctl salt state...
08:55 N-Mi joined #salt
08:55 N-Mi joined #salt
08:55 Electron^- manji, I can also do a "| less", that's not what I need... the correct answer is the babilen one... there is nothing like a global report yet... thanks
08:55 manji scavara, yes my bad, sorry
08:56 babilen Electron^-: It really isn't that complicated to write though. Just ENOTIME for me :)
08:56 manji Electron^-, yep, but it is the next best thing :)
08:57 Electron^- babilen, I know... I'll see if i'll have some time to write it ;)
08:57 Electron^- manji, :)
08:58 babilen "You have time for what you make time" :)
08:59 manji like eg, the beach :p
08:59 Electron^- babilen, not when you have some problem with 8 years old production servers :'(
08:59 richardl Hi there, can any one help me with a saltmine issue?
08:59 babilen It is entirely a matter of priorities .. I never accept "I don't have time for that" as an answer as you simply decide to spend your time on something else. There is no problem with that, but it is still not the case that one doesn't have time.
08:59 babilen Anyway
08:59 babilen richardl: Which issue would that be?
09:01 richardl babilen: https://groups.google.com/forum/#!topic/salt-users/z_yAZ7Y-0vg this details my issue
09:01 richardl I am trying to get the example of a remote CA server working under salt
09:02 babilen I don't quite understand what that has to do with the salt mine
09:02 richardl there is a saltmine in the cert.sls from the example
09:02 richardl it fails to take any input into its CA varabile
09:02 babilen Where?
09:03 babilen And what do you mean by "there's a saltmine in the cert.sls" ?
09:03 ninjada joined #salt
09:03 richardl babilen: https://docs.saltstack.com/en/latest/ref/states/all/salt.states.x509.html I am trying to build the example from this link
09:04 babilen Could you paste your actual and complete state to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, … ?
09:04 richardl sure be a few mins and I will send you a link ok
09:04 babilen Just mention it in the channel
09:04 richardl k
09:05 babilen I mean there is nothing we can do without the code that resulted in the error .. From what I can tell that code was not mentioned in your mail, but then I haven't found the saltmine in there either
09:05 babilen (One also does not "have a saltmine in SLS")
09:07 ninjada joined #salt
09:10 richardl babilen: https://gist.github.com/RichardLaing/8c981228029fa477c16a802b5c8a6593
09:11 richardl the error is - Rendering SLS 'base:cert' failed: Jinja variable 'dict object' has no attribute 'ca'
09:12 babilen https://gist.github.com/RichardLaing/8c981228029fa477c16a802b5c8a6593#file-cert-sls-L6 that call seems to return data without a 'ca' key
09:14 netcho joined #salt
09:15 richardl So my question is I have taken the cert out and made sure the folder for the cert has been created and the rest of the state works fine, should I drop using the saltmine method?
09:15 edrocks joined #salt
09:16 ffredrikk joined #salt
09:19 netcho hi all, can i override ssh_interface i cloud profile?
09:19 netcho or i need to create new provider with ssh_interface: public_ips
09:19 N-Mi joined #salt
09:19 netcho talking about salt-cloud
09:20 cyborg-one joined #salt
09:28 babilen richardl: The question you should ask yourself is: Why do you think that they mine.get returns the data you expect it to return? Also: How can you make sure that it *does* include that data?
09:29 babilen The untested dictionary lookup simply results in a KeyError so you might want to test if the key is in the dictionary before accessing it
09:33 daks hello
09:33 daks imagine i have a pillar which set redis: instances: X
09:34 daks i another pillar (which configure collectd redis python plugin), i want to loop on this redis:instances value
09:34 daks how i can do that?
09:34 daks i tried {% for instance in range(0, redis:instances) %} but doesn't work
09:35 daks if i do a salt['pillar.get'] it doesn't work neither because pillar can't access to pillar
09:36 daks i'm looking for another solution to just get this pillar value
09:36 daks because if I {% set instances = 4 %} my loop works
09:36 daks my problem is the syntax to use
09:37 babilen You can't access other pillars from pillars ... look into pillarstack or keep it in external pillars if you need that
09:37 babilen Or use {% set instances = 4 %} (which would work)
09:37 daks okay, so I'm stucked
09:38 daks my loop sets 10 lines of pillars and I don't want to need to set them manually for each of my hosts
09:38 babilen Why don't you use {% set instances = 4 %} and reference that value in different places in the pillar SLS ?
09:38 daks it's a big problem and i don't know how to solve it
09:39 daks my need is to have a collectd/redis.sls generic
09:39 daks so in my host specific pillar sls i just want to set a pillar
09:39 daks i'll try to use {% set instances = X %} in this pillar
09:40 babilen I understand that it is needed, but salt doesn't allow you to perform pillar lookups in pillars (and implementing that is far from trivial)
09:40 babilen If you can't work with variables you set you can look into pillarstack
09:40 babilen (or set it in external pillars)
09:41 daks yes i saw the issues concerning pillar in pillar
09:41 daks so i  get rid of pillar.get in my pillar
09:41 daks but i thought i could just use a pillar variable which i can't
09:42 daks i'll look at the alternative you indicate
09:42 daks thanks
09:43 daks or i'll extend the collectd formula to manage my specific pillar data
09:43 daks coming from puppet, this state/pillar separation (code/data) is great
09:43 daks but some use cases like that are complicated to implement
09:46 babilen If you allow pillar lookups in pillars you are immediately getting into Chomsky hierarchy territory and pillar values might never end expanding
09:47 daks i understand the problem
09:47 daks but i imagine a lookup that only takes place at runtime
09:48 daks ... if it makes any sense...
09:48 daks raw pillar get sent to minion
09:48 daks and specific ones which access to other values only get evaluated when all pillar is on the minion
09:49 daks but i don't know salt enough to know if it's complete BS
09:50 daks and it doesn't solve the 'infinite loop' problem
09:53 AndreasLutro pillars in pillars is definitely a wanted feature https://github.com/saltstack/salt/issues/23910
09:53 saltstackbot [#23910][OPEN] Please implement static pillars | Hi,...
09:54 fracklen joined #salt
09:55 daks for now, extending the collectd formula will make the job for me
09:56 krymzon_ joined #salt
10:02 s_kunk joined #salt
10:08 ablinkin joined #salt
10:13 jamesp9 joined #salt
10:21 jaybocc2 joined #salt
10:33 ronnix joined #salt
10:34 nicksloan joined #salt
10:37 jaybocc2 joined #salt
10:41 kbaikov joined #salt
10:49 ze- hey. mmm... anyone knows if there is an easy way to call a runner method from an other runner?
10:51 ramSeraph joined #salt
10:52 Rumbles joined #salt
10:52 ramSeraph hey
10:52 ablinkin joined #salt
10:54 AirOnSkin joined #salt
10:58 Gobo708 joined #salt
10:59 Gobo708 Hi All, I have just done a first time install with salt and when start salt with "salt-master" , I have received the following error: [WARNING ] Key 'file_ignore_glob' with value None has an invalid type of NoneType, a list is required for this value
10:59 Gobo708 Running on Ubuntu 16.04
11:00 amcorreia joined #salt
11:00 babilen That's a warning .. did you set file_ignore_blob ?
11:00 Gobo708 I just followed the install instructions
11:00 Gobo708 fresh server, fresh salt
11:01 Gobo708 [WARNING ] Key 'file_ignore_glob' with value None has an invalid type of NoneType, a list is required for this value
11:01 Gobo708 Failed to create directory path "/etc/salt/pki/master/minions" - [Errno 13] Permission denied: '/etc/salt/pki/master/minions'
11:01 Gobo708 There was a bit more
11:01 ablinkin joined #salt
11:01 Gobo708 and with sudo
11:01 Gobo708 [WARNING ] Key 'file_ignore_glob' with value None has an invalid type of NoneType, a list is required for this value
11:01 Gobo708 [WARNING ] Unable to bind socket, error: [Errno 98] Address already in use
11:01 Gobo708 The ports are not available to bind
11:01 Gobo708 Maybe its running already?
11:02 Gobo708 Thanks for the help btw ;)
11:03 babilen Which instructions did you follow? Which commands are you running? What did you expect to happen and what does happen?
11:03 babilen Could you paste relevant command and output to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, … ?
11:03 babilen The master would have been started as a service so if you are trying to run it manually you should stop it first
11:06 Gobo708 I followed the Ubuntu instructions
11:06 Gobo708 https://docs.saltstack.com/en/latest/topics/installation/ubuntu.html#installation-from-the-official-saltstack-repository
11:06 Gobo708 This was my first time using saltstack, so no expectations yet
11:06 Gobo708 I think the final issue is because i have installed minion and master on the same server
11:07 babilen So you followed https://repo.saltstack.com/#ubuntu really?
11:08 babilen You can have master and minion on the same server. It is a very common setup and typically used to configure the master through salt (with, for example, https://github.com/saltstack-formulas/salt-formula )
11:08 Gobo708 Those instructions are similiar
11:08 Gobo708 but I used the first link
11:09 babilen From where did you install saltstack?
11:09 ablinkin joined #salt
11:09 babilen And which commands are you running now?
11:09 Gobo708 exactly as listed
11:09 ronnix joined #salt
11:09 Gobo708 the final command to start it was salt-master
11:09 Gobo708 Actually, that may have been on the "next" page, which was configuration
11:09 Gobo708 let me check
11:10 Gobo708 yes here, https://docs.saltstack.com/en/latest/ref/configuration/index.html
11:10 AirOnSkin joined #salt
11:10 Gobo708 but same command that I mentioned
11:11 babilen The salt master would already be running
11:11 babilen It is started as a service .. If you want to run it manually you would have to stop the running service first (service salt-master stop)
11:12 babilen Note that you don't have to do it in order to use salt
11:13 Gobo708 hmm ok
11:13 Gobo708 Am I using the correct docs?
11:13 Gobo708 Or is there better information somewhere?
11:13 babilen I'd suggest to set the master: variable in /etc/salt/minion to your master's IP or hostname and then run "service salt-minion restart", running "salt-key -A" should then allow you to accept the minion's key
11:13 babilen https://docs.saltstack.com/en/getstarted/ is a nice overview
11:13 phx joined #salt
11:13 Rumbles joined #salt
11:14 Gobo708 Thanks
11:14 Gobo708 I have been using fabric
11:14 Gobo708 but am looking for something that I can use longer term with jenkins to get CI going better
11:15 Gobo708 Was hoping a little Jenkins, SaltStack + Docker... will work together well
11:15 babilen There is also https://docs.saltstack.com/en/latest/topics/states/ and https://docs.saltstack.com/en/latest/topics/execution/remote_execution.html
11:15 Gobo708 Thanks
11:16 babilen I'd configure the minion to be able to talk to your master, run "salt '*' test.ping" and then check out the remote execution tutorial .. look into states after that
11:16 Gobo708 Ok thanks
11:18 edrocks joined #salt
11:20 ablinkin joined #salt
11:29 kus joined #salt
11:42 ablinkin joined #salt
11:50 netcho joined #salt
12:03 xet7 joined #salt
12:07 ablinkin joined #salt
12:12 p3rror joined #salt
12:16 TooLmaN joined #salt
12:19 ALLmightySPIFF joined #salt
12:28 edrocks joined #salt
12:32 antpa joined #salt
12:32 Miouge joined #salt
12:36 scavara my minions can be connected up to three networks (i.e have 3 net if's / ip addresses). any suggestions on how to determine the one that is used to communicate with the master? custom grain on minions?
12:40 misconfig joined #salt
12:45 edrocks joined #salt
12:46 AirOnSkin Hello Salt folks. I'm getting the error "No matching sls found for 'statename' in env 'base'" when using state.sls eventhough I don't have a base env...
12:46 numkem joined #salt
12:46 AirOnSkin I used to have one, though. Not sure if that's still cached somewhere. I did restart the salt-master daemon, but I can't think of anything else to do
12:48 AndreasLutro I think state.sls uses the base env by default
12:49 AndreasLutro since you're not going through top.sls salt can't figure out which environment to apply
12:49 AndreasLutro so you have to specify it yoursellf
12:49 AndreasLutro I think the argument is saltenv=whatever but look it up yourself to be sure
12:52 armin joined #salt
12:52 AirOnSkin AndreasLutro, Ah, yes, I've been using saltenv=dev/test/prod up until now but I thought that I had to because of something else... your explanation makes sense of course. Thanks :)
12:53 west575_ joined #salt
12:57 akhter joined #salt
12:59 Misfit joined #salt
13:02 west575__ joined #salt
13:06 gh34 joined #salt
13:09 fracklen joined #salt
13:10 nicksloan joined #salt
13:12 ivanjaros joined #salt
13:14 ablinkin joined #salt
13:14 hasues joined #salt
13:14 hasues left #salt
13:22 tiwula joined #salt
13:29 tiwula joined #salt
13:31 mapu joined #salt
13:32 racooper joined #salt
13:34 ronnix joined #salt
13:37 whitenoise_ joined #salt
13:43 rofl____ any tricks for how to do tail -f remotely to a host with salt?
13:43 rofl____ since cmd.run doesnt give response until command is done
13:43 AndreasLutro why do you have to do that with salt
13:44 ffredrikk joined #salt
13:44 racooper joined #salt
13:44 AndreasLutro I mean I don't think it's possible regardless
13:44 AndreasLutro but salt is not parallel-ssh
13:47 KingOfFools joined #salt
13:49 DEger joined #salt
13:54 jerredbell joined #salt
13:59 ALLmightySPIFF joined #salt
14:03 mpanetta joined #salt
14:10 ablinkin joined #salt
14:11 krymzon_ curious thing, though it may already be fixed in the current version: fromrepo seems ignored in states, but works as command/module: pkg.install python-six fromrepo=wheezy-backports
14:11 babilen krymzon_: I use fromrepo without problems .. it just won't upgrade packages
14:12 krymzon_ I tried using pkg.latest with fromrepo, that should upgrade, shouldn't it?
14:12 fracklen joined #salt
14:15 krymzon_ I'll try specifying version in pkg.installed instead of using pkg.latest
14:17 babilen I try to not perform upgrades in normal state runs
14:19 krymzon_ I see, the thing is there seems to be a missing dependency in pip's pyudev, and it quietly fails an import with the normal python-six, but works fine with backport
14:20 DEger joined #salt
14:29 dh__ joined #salt
14:30 krymzon_ specifying the version worked:) a bit of a shame it apparently needs to be a precise version with apt
14:34 babilen You could install the package before the other that pulls it in .. a pkg.installed works with fromrepo if the package is not installed
14:34 babilen Just make that state a requisite of the other
14:35 tapoxi joined #salt
14:36 amcorreia joined #salt
14:37 ffredrikk joined #salt
14:37 kaptk2 joined #salt
14:37 Brew joined #salt
14:44 dendazen joined #salt
14:48 drawsmcgraw joined #salt
14:52 krymzon_ babilen: Thank you. The thing is we already have the old version installed on all the wheezy machines. The specific-version way should be good enough until we move everything to jessie
14:52 ablinkin joined #salt
14:57 spuder joined #salt
15:00 nicksloan joined #salt
15:01 banditthecat joined #salt
15:07 Garo_ joined #salt
15:07 badon_ joined #salt
15:07 DEger joined #salt
15:09 marie1972 joined #salt
15:10 khaije1 joined #salt
15:10 khaije1 using the iptables state, how do I add:  -A INPUT -i lo -j ACCEPT  ?
15:13 ssplatt joined #salt
15:13 ssplatt https://github.com/ssplatt/infratest-formula/issues/1  anyone know what i need to do to get this formula in saltstack-formulas?
15:13 saltstackbot [#1][OPEN] Please submit for inclusion at Saltstack Formula's organization | https://github.com/saltstack-formulas...
15:14 ssplatt i’m totally down for doing it.
15:14 khaije1 Hey ssplatt!
15:14 ssplatt hey
15:14 khaije1 Are you responding to the issue that was just created? That's fast, thanks very much!
15:15 ssplatt yup
15:15 khaije1 You rock!
15:15 ssplatt thanks. i give all teh credit to the amazing people at salt.
15:16 ssplatt -stack.
15:16 ssplatt i see you’re from baltimore. that’s my hometown. ‘ow bout dem O’s, hon?
15:17 khaije1 Thanks all the same! Having this as part of the official formula project will make adding it to my deploy defaults as easy as adding a single line: https://github.com/saltstack-formulas/salt-formula/blob/master/pillar.example#L255
15:17 khaije1 lol I'm wearing an O's polo atm
15:18 khaije1 Are you still in Baltimore?
15:18 ssplatt philly now.
15:18 khaije1 Ah, any good Salt meetups there?
15:18 ssplatt we’ve hosted one but nothing regular
15:21 tapoxi is the reactor technically a salt engine?
15:21 khaije1 I'm hoping the meetups will become more widespread and regular. There's a new one that just started up outside of DC if you're ever interested to drop in: http://www.meetup.com/NoVA-Saltstack/
15:21 marie1972 left #salt
15:22 ssplatt i have friends in NoVA but that’s a little far for me on a normal day, unfortunately. but i’ll keep it in mind if i’m ever in the area
15:23 ssplatt so khaije1 i’m still a little confused on what action i need to do to get the formula into the saltstack-formulas org
15:27 khaije1 Hmm, I've seen it happen as a result of mailing the salt-users mailing list.
15:28 khaije1 Not sure if there is a better way than that, but it should probably be written down somewhere and I dont see that now as I look.
15:31 ssplatt basepi: paging you as a random salt contact to ask what I need to do to get a formula into the saltstack-formulas org
15:34 dezertol joined #salt
15:41 ablinkin joined #salt
15:42 coval3nce joined #salt
15:45 peters-tx khaije1, For our RHEL systems we just re-write the entire /etc/sysconfig/iptables file
15:45 peters-tx khaije1, So state.file basically.  File.managed
15:46 fredvd joined #salt
15:48 ssplatt we do that with our debian iptables formula too
15:49 ssplatt to get around having old rules/typos hanging around
15:49 khaije1 I can see the efficacy, but I really want to be able to test=True the firewall config
15:50 ablinkin joined #salt
15:50 khaije1 looking through the module documentation I think/guess it's the 'if' and 'of' keywords, so I'm giving that a go :)
15:51 amcorreia joined #salt
15:51 edrocks joined #salt
15:52 peters-tx khaije1, For the adventurous you can do a watch on the file and restart iptables if/when it gets updated
15:52 peters-tx ...thus ensuring it is employed
15:55 heaje joined #salt
15:56 sp0097 joined #salt
16:00 nidr0x joined #salt
16:01 manji joined #salt
16:01 beowuff joined #salt
16:01 onlyanegg joined #salt
16:03 nidr0x joined #salt
16:04 amiskell joined #salt
16:06 snergster joined #salt
16:11 pipps joined #salt
16:15 nidr0x joined #salt
16:15 ninjada joined #salt
16:18 khaije1 peters-tx: that makes good sense!
16:21 ablinkin joined #salt
16:24 stanchan joined #salt
16:26 brotatochip joined #salt
16:27 ablinkin joined #salt
16:28 ivanjaros joined #salt
16:33 antpa joined #salt
16:34 edrocks joined #salt
16:34 richardl babilen: I fixed the issue I was working on
16:34 Edgan joined #salt
16:35 ablinkin joined #salt
16:39 babilen richardl: Oh, how?
16:43 stanchan joined #salt
16:44 richardl babilen: I hadden't updated the cert.sls varabiles to point at my minion correctly
16:46 woodtablet joined #salt
16:49 babilen What's the name of that minion?
16:49 richardl babilen: minion1
16:49 babilen (I guess "Not 'ca'")
16:49 richardl nope I overlooked that
16:50 babilen You targeted 'ca' and also looked up data for that minion in your SLS .. which is why I complained about 'ca' not being defined. Well .. salt complained more
16:53 amcorreia joined #salt
16:54 stanchan joined #salt
16:59 ablinkin joined #salt
17:00 richardl indeed I do wish there was more info on salt mine along with examples to pick apart would of made life eaiser but its working now :)
17:01 felskrone joined #salt
17:02 Electron^- joined #salt
17:03 ffredrikk joined #salt
17:04 stanchan joined #salt
17:05 cmarzullo richardl: tell me about it. Just spend yesterday getting it sorted myself.
17:10 ssplatt it wasn’t readily clear to me that the mine_functions are basically anything you’d run with module.run, or right off the cli with salt <target> <module>.<function> …
17:11 jgarr anyone have problems scaling the salt-api? I get a lot of missed requests when I load test it >1000 requests
17:12 ablinkin joined #salt
17:12 ssplatt havne’t tried that much load yet, but maybe it’s time to look into syndics and have the api on the syndics?
17:13 cmarzullo ssplatt: yeah. I got tripped up on using aliases in mine.send.
17:13 cmarzullo and that using mine from a runner is different than using it in a template.
17:16 jenastar joined #salt
17:17 JohnnyRun joined #salt
17:19 ablinkin joined #salt
17:19 stanchan joined #salt
17:19 SpX joined #salt
17:24 ablinkin joined #salt
17:32 ajw0100 joined #salt
17:33 iggy scavara: yeah, we use it for some of our pops that don't have v6 addresses (because the upstream provider hasn't enabled it)
17:33 ALLmightySPIFF joined #salt
17:38 pipps joined #salt
17:38 sjorge joined #salt
17:45 a_ghost_irl joined #salt
17:45 tuxx joined #salt
17:56 cyborg-one joined #salt
17:56 jenastar joined #salt
17:56 nonades joined #salt
17:58 ablinkin joined #salt
18:01 om joined #salt
18:13 ablinkin joined #salt
18:14 DammitJim joined #salt
18:16 ninjada joined #salt
18:16 edrocks joined #salt
18:25 drawsmcgraw joined #salt
18:28 ablinkin joined #salt
18:30 bowhunter joined #salt
18:31 pipps joined #salt
18:32 subsignal joined #salt
18:33 mrBen2k2k2k joined #salt
18:38 edrocks joined #salt
18:39 om joined #salt
18:40 manji joined #salt
18:40 mrBen2k2k2k joined #salt
18:40 tapoxi joined #salt
18:42 Lucky24_ joined #salt
18:45 brent__ joined #salt
18:47 DammitJim joined #salt
18:48 DammitJim so, I'm getting this Salt request timed out. and suggestion to increase mhy worker_threads
18:48 DammitJim I set them to 20 and it's still doing this
18:48 DammitJim anything else I need to look at or is 20 not A LOT?
18:49 mrBen2k2k2k joined #salt
18:51 fracklen joined #salt
18:51 GreatSnoopy joined #salt
18:54 schemanic joined #salt
18:55 raiden joined #salt
18:58 mpanetta joined #salt
18:59 edrocks joined #salt
19:00 mrBen2k2k2k joined #salt
19:03 felskrone joined #salt
19:11 mrBen2k2k2k joined #salt
19:11 Miouge joined #salt
19:22 ablinkin joined #salt
19:22 ALLmightySPIFF joined #salt
19:23 wangofett joined #salt
19:24 mrBen2k2k2k joined #salt
19:31 jxm_ joined #salt
19:34 pipps joined #salt
19:35 JohnnyRun joined #salt
19:36 babilen Increasing worker threads never appeared to have solved anything
19:36 TOoSmOotH_ joined #salt
19:39 west575_ joined #salt
19:39 Miouge joined #salt
19:41 mapu joined #salt
19:41 mrBen2k2k2k joined #salt
19:46 stanchan joined #salt
19:47 edrocks joined #salt
19:47 viq joined #salt
19:49 devopsprosiva joined #salt
19:54 jaybocc2 joined #salt
19:55 higuita joined #salt
19:57 teryx510 joined #salt
19:57 higuita {{ nginx_logs_access | regex_replace('^(.*)\.log$', '\\1-'+subrole+'.log') }}  returns  SaltRenderError: Jinja syntax error: no filter named 'regex_replace'
19:57 higuita how to do a simple regexp replace in salt template?
19:57 edrocks joined #salt
19:58 Edgan higuita: It has to be a function in jinja, http://jinja.pocoo.org/
19:59 wryfi is anybody here doing anything clever for unit testing with their salt states?
19:59 cmarzullo higuita: http://jinja.pocoo.org/docs/dev/templates/#replace
19:59 wryfi i've looked around a little but haven't found a lot about testing
19:59 wryfi i know of kitchen salt
19:59 cmarzullo wryfi: My group tests with test-kitchen.
19:59 cmarzullo :)
19:59 Edgan higuita: I meant http://jinja.pocoo.org/docs/dev/templates/
19:59 cmarzullo we very happy with that workflow.
20:01 wryfi thanks cmarzullo
20:01 mrBen2k2k2k joined #salt
20:01 wryfi is there any way to do lighter weight testing? like it would be nice to be able to compile all the sls files and check for yaml syntax errors, for example.
20:02 ablinkin joined #salt
20:03 cmarzullo There was some stuff at saltconf. Newer modules and stuff.
20:03 Edgan wryfi: you want lint checking
20:04 higuita thanks Edgan and cmarzullo!
20:04 Edgan wryfi: and also look into test.check_pillar https://docs.saltstack.com/en/latest/ref/states/all/salt.states.test.html
20:04 higuita do replace support regexp?
20:04 wryfi Edgan: yes, some form of linting is one of the things i want
20:04 Edgan wryfi: if you use pillars you can make sure they have a value
20:04 beowuff joined #salt
20:04 cmarzullo They had a talk about not needing test-kitchen anymore. But they didn't really grok what test-kitchen did. Had a sitdown with S. House after the talk.
20:05 akhter joined #salt
20:05 Edgan wryfi: https://github.com/saltstack/salt/pull/32965  but there is this patch that isn't in the official release, yet
20:05 saltstackbot [#32965][MERGED] Fix 'present' option when used without 'key_type' | What does this PR do?...
20:07 wryfi Edgan: interesting, thanks
20:07 pipps joined #salt
20:07 ajw0100 joined #salt
20:07 pipps99 joined #salt
20:09 cmarzullo wryfi: what didn't you like about test-kitchen?
20:10 wryfi it's not that i don't like it. it's just a bit heavyweight sometimes.
20:10 jaybocc2 joined #salt
20:11 jenastar joined #salt
20:14 DammitJim I have about 100 minions
20:14 DammitJim why would the master not be responding?
20:14 DammitJim I increased the worker threads to 20
20:14 cmarzullo dns
20:14 stanchan joined #salt
20:14 cmarzullo it's always dns.
20:14 cmarzullo or regex. it always the regex
20:14 DammitJim lol
20:14 DammitJim cmarzullo, are you talking to wryfi ?
20:15 cmarzullo naw just joking with you.
20:15 DammitJim I agree, though... DNS sucks
20:15 beowuff Are you regexing your DNS? Because that's how you get Java.
20:15 cmarzullo zing!
20:16 ALLmightySPIFF joined #salt
20:22 ablinkin joined #salt
20:22 mrBen2k2k2k joined #salt
20:23 JohnnyRun joined #salt
20:23 edrocks joined #salt
20:24 writtenoff joined #salt
20:26 ALLmightySPIFF joined #salt
20:29 jenastar joined #salt
20:31 sp0097 joined #salt
20:35 antpa joined #salt
20:36 voileux joined #salt
20:37 johnkeates joined #salt
20:39 DammitJim is it normal to create a state to perform some work on a server such as: stopping a bunch of services
20:39 DammitJim or disabling services from starting up automatically on boot?
20:40 cmarzullo sure.
20:40 cmarzullo you can make an orchestrate runner.
20:41 DammitJim is there a simple example for that?
20:41 DammitJim this is a one time thing... for something we are doing to different servers 1 at a time
20:41 fredrick joined #salt
20:41 cmarzullo https://docs.saltstack.com/en/latest/topics/orchestrate/orchestrate_runner.html#orchestrate-runner
20:42 cmarzullo that first example clean.foo hits all your minions. but I suspect you'll want different targeting.
20:43 DammitJim cmarzullo, I only need to do a minion at a time
20:43 DammitJim my use case is... I have 10 servers where I need to make changes to each to add a new partition and move some data
20:43 DammitJim but I wanted to stop services on each server that I'm going to be working on
20:44 cmarzullo or you can just use regular: salt -b 1 myhost\* service.disable haveged
20:44 DammitJim so, for server1, I want to run a salt state that stops 3 services and disables them from starting on boot
20:44 DammitJim then I do my work
20:44 cmarzullo the -b 1 will run in batch mode one at time
20:44 DammitJim then I run the salt state to re-enable those 3 services
20:44 DammitJim next server...
20:44 DammitJim why do I need batch mode one at a time?
20:44 DammitJim I don't care if all services get disabled at the same time
20:45 cmarzullo cause you said you wanted to do one at time?
20:45 DammitJim yes
20:45 DammitJim I'll do 1
20:45 DammitJim then work on it
20:45 cmarzullo oh ok.
20:45 DammitJim re-enable the services (undo the original state ran)
20:45 DammitJim then go to the next server, etc...
20:45 DammitJim ok, so a state or even a module would be just fine
20:45 DammitJim thanks!
20:45 DammitJim is there a way to get a list of services from a minion?
20:46 pfc joined #salt
20:46 cmarzullo service.get_all
20:46 cmarzullo (haven't tried it)
20:46 cmarzullo seems to list services
20:47 DammitJim doing it
20:47 mrBen2k2k2k joined #salt
20:47 DammitJim how can I use that returned information to pick say services starting with tty ?
20:49 pipps joined #salt
20:50 cmarzullo use an orchestrator? {% set services = salt['service.get_all'] | stuff %}
20:50 cmarzullo Then use the variable to do the needful.
20:50 ablinkin joined #salt
20:53 DammitJim nice
20:54 armguy joined #salt
20:54 DammitJim I need to get on that
20:57 pipps joined #salt
20:58 ablinkin joined #salt
21:02 krymzon joined #salt
21:03 pipps joined #salt
21:04 pipps joined #salt
21:05 ablinkin joined #salt
21:07 DEger joined #salt
21:09 stanchan joined #salt
21:09 pipps joined #salt
21:12 armguy joined #salt
21:13 badon_ joined #salt
21:14 debian112 joined #salt
21:14 mrBen2k2k2k joined #salt
21:14 mavhq joined #salt
21:19 pipps joined #salt
21:22 akhter joined #salt
21:23 raspy joined #salt
21:23 raspy salt-cloud and ebs mounts, how do people usually extend volumes on live instances with salt?
21:24 tapoxi joined #salt
21:24 tapoxi anyone use salt_bootstrap and pass in a config with json?
21:25 johnkeates joined #salt
21:26 stanchan joined #salt
21:32 tapoxi its not working for me, no idea why
21:32 tapoxi says "ERROR: options are only allowed before install arguments" even though the options are at the end...
21:32 tapoxi sorry, install arguments at the end
21:35 fredrick Anyone have a clue what broke api?  I have to run it with ssl disabled?
21:38 kevinquinnyo i temporarily modified my PYTHONPATH to test a python module i'm working on, and a salt runner i wrote is failing the __virtual__() function which requires it but only when i execute the runner via the salt-api
21:39 kevinquinnyo salt-run works fine from the salt-master
21:39 kevinquinnyo any ideas?
21:41 mrBen2k2k2k joined #salt
21:45 raspy does debug show anything?
21:46 beowuff left #salt
21:46 jenastar left #salt
21:46 tapoxi where does config_salt run from in the bootstrap?
21:47 kevinquinnyo raspy: nope.  Since it's failing on the __virtual__() method, I'm pretty sure it doesn't know about my module which I manually put in PYTHONPATH and exported as root
21:47 kevinquinnyo so i need to either make a proper module, or figure out how to make salt's PYTHONPATH have my module path appended to it
21:48 pipps99 joined #salt
21:50 kevinquinnyo weird that salt-run works for me but not an api call with --data "client=runner&fun=my_runner.my_function"
21:52 TOoSmOotH_ joined #salt
21:52 ALLmightySPIFF joined #salt
21:53 om joined #salt
21:54 TOoSmOot- joined #salt
21:59 pipps joined #salt
22:05 fracklen joined #salt
22:08 MTecknology I keep having salt go boom on the first highstate because of something with boto not being available. I don't care about boto, just ignore the module. ... grrrr
22:08 MTecknology feels like a new bug in that module -- http://dpaste.com/31WBZ2B
22:09 Edgan MTecknology: version?
22:10 mrBen2k2k2k joined #salt
22:11 MTecknology 2016.3.2
22:13 spuder_ joined #salt
22:17 west575 joined #salt
22:21 manji joined #salt
22:22 MTecknology Edgan: https://github.com/saltstack/salt/blob/develop/salt/modules/boto_sqs.py#L76  ... 74-75 should keep 76 from executing :(
22:24 MTecknology AHA!
22:24 MTecknology https://github.com/saltstack/salt/blob/develop/salt/modules/boto_lambda.py#L88
22:25 MTecknology maybe?
22:25 MTecknology Edgan: the frustrating part is it only happens the first time I run highstate. Every othe time, it's fine.
22:31 ablinkin joined #salt
22:37 MTecknology yup, that L88 is it
22:38 devopsprosiva Hi, Is there any good documentation to use saltstack for continuous delivery in AWS? The basic idea is to bake AMIs and deploy/autoscale the application with little manual intervention.
22:41 MTecknology Edgan: I'll get a PR for this tonight... easy fix and easy to understand why it didn't show up previously. :D
22:41 mrBen2k2k2k joined #salt
22:42 MTecknology i lied.. that wasn't it :(
22:43 MTecknology /was/ working
22:43 ninjada joined #salt
22:43 sp0097 joined #salt
22:44 mikecmpbll joined #salt
22:46 raspy do cloud profiles allow .yml format?
22:46 evilRails joined #salt
22:50 ub1quit33 joined #salt
22:52 ablinkin joined #salt
22:52 oyvindmo joined #salt
22:53 MTecknology raspy: they are yaml, but can be specified in pillar too... I think... I read something about that
22:53 MTecknology time to run
22:53 raspy thx MTecknology
22:55 debian112 joined #salt
23:01 stanchan joined #salt
23:05 ssplatt joined #salt
23:07 pipps_ joined #salt
23:09 nicksloan joined #salt
23:10 ninjada joined #salt
23:11 ninjada joined #salt
23:14 mrBen2k2k2k joined #salt
23:20 devopsprosiva joined #salt
23:23 xbglowx Hi, is it possible to server pillar data from gitfs by just setting pillar_roots to something like salt://pillars?
23:23 xbglowx I tried, but no luck.
23:23 iggy no
23:23 iggy that would defeat the purpose of pillars
23:24 xbglowx right, you are correct.
23:25 xbglowx I was working on coming up with something that uses SALT.RENDERERS.GPG and was trying to save myself from having to create another git repo for pillar data.
23:26 ry joined #salt
23:26 Bryson joined #salt
23:27 ablinkin joined #salt
23:28 iggy if you structure your git repo correctly, you can use gitfs_root (for file) and the root option for pillar
23:28 raspy is it possible to move the provider config file
23:29 raspy or is salt fixated on its location
23:30 xbglowx iggy thanks for the tip
23:41 west575 joined #salt
23:49 ssplatt joined #salt
23:49 pipps joined #salt
23:50 pipps joined #salt
23:50 agentnoel If I want to do a configtest for a service before restarting/reloading that service. Is the onlyif directive the best way to do it? (I am using a file.recurse, so cannot do a check_cmd)
23:52 om joined #salt
23:52 mrBen2k2k2k joined #salt
23:59 Brew1 joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary